[SCM] Samba Shared Repository - branch v4-13-stable updated
Jule Anger
janger at samba.org
Tue Sep 7 07:11:12 UTC 2021
The branch, v4-13-stable has been updated
via 2119f9f9f66 VERSION: Disable GIT_SNAPSHOT for the 4.13.11 release.
via 14acad25bd2 WHATSNEW: Add release notes for Samba 4.13.11.
via 20ef0b16ed3 registry: check for running as root in clustering mode
via 16fc7a12aca s3/lib/dbwrap: check if global_messaging_context() succeeded
via 6be92d44bb7 s3/rpc_server: track the number of policy handles with a talloc destructor
via f25f3118593 selftest: add a test for the "deadtime" parameter
via 23ce76e94e8 s3:libsmb: start encryption as soon as possible after the session setup
via 7c9aabe2dd0 s3: smbd: For FSCTL calls that go async, add the outstanding tevent_reqs to the aio list on the file handle.
via aa64f02ca94 configure: Do not put arguments into double quotes
via 97c6d6fee8a smbd: return correct timestamps for quota fake file
via a3dea8a0d08 smbd: handle fake file handles in dos_mode()
via 7ecf1650661 smbtorture: verify attributes on fake quota file handle
via 5b58f663724 libcli/smb: allow unexpected padding in SMB2 READ responses
via f47e9965c77 libcli/smb: make smb2cli_ioctl_parse_buffer() available as smb2cli_parse_dyn_buffer()
via d4d9bc847c5 s3:smbd: implement FSCTL_SMBTORTURE_GLOBAL_READ_RESPONSE_BODY_PADDING8
via 5d98e2f2960 s3:smbd: introduce a body_size variable in smbd_smb2_request_read_done
via e38295a091e s4:torture/smb2: add smb2.read.bug14607 test
via 6fa28f4eb3a VERSION: Bump version up to Samba 4.13.11...
from 85bb95881bb VERSION: Disable GIT_SNAPSHOT for the 4.13.10 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 58 ++++++++++++++-
configure | 2 +-
libcli/smb/smb2cli_ioctl.c | 123 ++++--------------------------
libcli/smb/smb2cli_read.c | 22 +++++-
libcli/smb/smbXcli_base.c | 91 +++++++++++++++++++++++
libcli/smb/smbXcli_base.h | 9 +++
libcli/smb/smb_constants.h | 2 +
selftest/knownfail | 1 +
source3/lib/dbwrap/dbwrap_open.c | 4 +
source3/libsmb/clidfs.c | 44 ++++++++---
source3/registry/reg_backend_db.c | 9 +++
source3/rpc_server/rpc_handles.c | 20 ++++-
source3/script/tests/test_deadtime.sh | 67 +++++++++++++++++
source3/selftest/tests.py | 4 +
source3/smbd/dosmode.c | 20 +++++
source3/smbd/filename.c | 5 ++
source3/smbd/globals.h | 4 +
source3/smbd/smb2_ioctl.c | 25 +++++++
source3/smbd/smb2_read.c | 14 +++-
source4/torture/smb2/create.c | 63 ++++++++++++++++
source4/torture/smb2/read.c | 136 ++++++++++++++++++++++++++++++++++
22 files changed, 596 insertions(+), 129 deletions(-)
create mode 100755 source3/script/tests/test_deadtime.sh
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index d05f3595233..8ab61a550f0 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=13
-SAMBA_VERSION_RELEASE=10
+SAMBA_VERSION_RELEASE=11
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index c141d32b62e..4b33797845e 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,58 @@
+ ===============================
+ Release Notes for Samba 4.13.11
+ September 07, 2021
+ ===============================
+
+
+This is the latest stable release of the Samba 4.13 release series.
+
+
+Changes since 4.13.10
+---------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 14769: smbd panic on force-close share during offload write.
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 14731: Fix returned attributes on fake quota file handle and avoid
+ hitting the VFS.
+ * BUG 14783: smbd "deadtime" parameter doesn't work anymore.
+ * BUG 14787: net conf list crashes when run as normal user.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 14607: Work around special SMB2 READ response behavior of NetApp Ontap
+ 7.3.7.
+ * BUG 14793: Start the SMB encryption as soon as possible.
+
+o Andreas Schneider <asn at samba.org>
+ * BUG 14792: Winbind should not start if the socket path for the privileged
+ pipe is too long.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+
===============================
Release Notes for Samba 4.13.10
July 14, 2021
@@ -61,8 +116,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
==============================
diff --git a/configure b/configure
index a6ca50feb47..2b0ffb0dae1 100755
--- a/configure
+++ b/configure
@@ -13,5 +13,5 @@ export JOBS
unset LD_PRELOAD
cd . || exit 1
-$PYTHON $WAF configure "$@" || exit 1
+$PYTHON $WAF configure $@ || exit 1
cd $PREVPATH
diff --git a/libcli/smb/smb2cli_ioctl.c b/libcli/smb/smb2cli_ioctl.c
index f9abcc57bab..d638b281678 100644
--- a/libcli/smb/smb2cli_ioctl.c
+++ b/libcli/smb/smb2cli_ioctl.c
@@ -160,97 +160,6 @@ struct tevent_req *smb2cli_ioctl_send(TALLOC_CTX *mem_ctx,
return req;
}
-static NTSTATUS smb2cli_ioctl_parse_buffer(uint32_t dyn_offset,
- const DATA_BLOB dyn_buffer,
- uint32_t min_offset,
- uint32_t buffer_offset,
- uint32_t buffer_length,
- uint32_t max_length,
- uint32_t *next_offset,
- DATA_BLOB *buffer)
-{
- uint32_t offset;
- bool oob;
-
- *buffer = data_blob_null;
- *next_offset = dyn_offset;
-
- if (buffer_offset == 0) {
- /*
- * If the offset is 0, we better ignore
- * the buffer_length field.
- */
- return NT_STATUS_OK;
- }
-
- if (buffer_length == 0) {
- /*
- * If the length is 0, we better ignore
- * the buffer_offset field.
- */
- return NT_STATUS_OK;
- }
-
- if ((buffer_offset % 8) != 0) {
- /*
- * The offset needs to be 8 byte aligned.
- */
- return NT_STATUS_INVALID_NETWORK_RESPONSE;
- }
-
- /*
- * We used to enforce buffer_offset to be
- * an exact match of the expected minimum,
- * but the NetApp Ontap 7.3.7 SMB server
- * gets the padding wrong and aligns the
- * input_buffer_offset by a value of 8.
- *
- * So we just enforce that the offset is
- * not lower than the expected value.
- */
- SMB_ASSERT(min_offset >= dyn_offset);
- if (buffer_offset < min_offset) {
- return NT_STATUS_INVALID_NETWORK_RESPONSE;
- }
-
- /*
- * Make [input|output]_buffer_offset relative to "dyn_buffer"
- */
- offset = buffer_offset - dyn_offset;
- oob = smb_buffer_oob(dyn_buffer.length, offset, buffer_length);
- if (oob) {
- return NT_STATUS_INVALID_NETWORK_RESPONSE;
- }
-
- /*
- * Give the caller a hint what we consumed,
- * the caller may need to add possible padding.
- */
- *next_offset = buffer_offset + buffer_length;
-
- if (max_length == 0) {
- /*
- * If max_input_length is 0 we ignore the
- * input_buffer_length, because Windows 2008 echos the
- * DCERPC request from the requested input_buffer to
- * the response input_buffer.
- *
- * We just use the same logic also for max_output_length...
- */
- buffer_length = 0;
- }
-
- if (buffer_length > max_length) {
- return NT_STATUS_INVALID_NETWORK_RESPONSE;
- }
-
- *buffer = (DATA_BLOB) {
- .data = dyn_buffer.data + offset,
- .length = buffer_length,
- };
- return NT_STATUS_OK;
-}
-
static void smb2cli_ioctl_done(struct tevent_req *subreq)
{
struct tevent_req *req =
@@ -352,14 +261,14 @@ static void smb2cli_ioctl_done(struct tevent_req *subreq)
input_min_offset = dyn_ofs;
input_next_offset = dyn_ofs;
- error = smb2cli_ioctl_parse_buffer(dyn_ofs,
- dyn_buffer,
- input_min_offset,
- input_buffer_offset,
- input_buffer_length,
- state->max_input_length,
- &input_next_offset,
- &state->out_input_buffer);
+ error = smb2cli_parse_dyn_buffer(dyn_ofs,
+ dyn_buffer,
+ input_min_offset,
+ input_buffer_offset,
+ input_buffer_length,
+ state->max_input_length,
+ &input_next_offset,
+ &state->out_input_buffer);
if (tevent_req_nterror(req, error)) {
return;
}
@@ -370,14 +279,14 @@ static void smb2cli_ioctl_done(struct tevent_req *subreq)
*/
output_min_offset = NDR_ROUND(input_next_offset, 8);
output_next_offset = 0; /* this variable is completely ignored */
- error = smb2cli_ioctl_parse_buffer(dyn_ofs,
- dyn_buffer,
- output_min_offset,
- output_buffer_offset,
- output_buffer_length,
- state->max_output_length,
- &output_next_offset,
- &state->out_output_buffer);
+ error = smb2cli_parse_dyn_buffer(dyn_ofs,
+ dyn_buffer,
+ output_min_offset,
+ output_buffer_offset,
+ output_buffer_length,
+ state->max_output_length,
+ &output_next_offset,
+ &state->out_output_buffer);
if (tevent_req_nterror(req, error)) {
return;
}
diff --git a/libcli/smb/smb2cli_read.c b/libcli/smb/smb2cli_read.c
index 8110b65d432..c7f48741b87 100644
--- a/libcli/smb/smb2cli_read.c
+++ b/libcli/smb/smb2cli_read.c
@@ -90,8 +90,13 @@ static void smb2cli_read_done(struct tevent_req *subreq)
tevent_req_data(req,
struct smb2cli_read_state);
NTSTATUS status;
+ NTSTATUS error;
struct iovec *iov;
+ const uint8_t dyn_ofs = SMB2_HDR_BODY + 0x10;
+ DATA_BLOB dyn_buffer = data_blob_null;
uint8_t data_offset;
+ DATA_BLOB data_buffer = data_blob_null;
+ uint32_t next_offset = 0; /* this variable is completely ignored */
static const struct smb2cli_req_expected_response expected[] = {
{
.status = STATUS_BUFFER_OVERFLOW,
@@ -117,14 +122,23 @@ static void smb2cli_read_done(struct tevent_req *subreq)
data_offset = CVAL(iov[1].iov_base, 2);
state->data_length = IVAL(iov[1].iov_base, 4);
- if ((data_offset != SMB2_HDR_BODY + 16) ||
- (state->data_length > iov[2].iov_len)) {
- tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ dyn_buffer = data_blob_const((uint8_t *)iov[2].iov_base,
+ iov[2].iov_len);
+
+ error = smb2cli_parse_dyn_buffer(dyn_ofs,
+ dyn_buffer,
+ dyn_ofs, /* min_offset */
+ data_offset,
+ state->data_length,
+ dyn_buffer.length, /* max_length */
+ &next_offset,
+ &data_buffer);
+ if (tevent_req_nterror(req, error)) {
return;
}
state->recv_iov = iov;
- state->data = (uint8_t *)iov[2].iov_base;
+ state->data = data_buffer.data;
state->out_valid = true;
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 4909797543c..bcb601dde59 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -6664,3 +6664,94 @@ uint64_t smb2cli_conn_get_mid(struct smbXcli_conn *conn)
{
return conn->smb2.mid;
}
+
+NTSTATUS smb2cli_parse_dyn_buffer(uint32_t dyn_offset,
+ const DATA_BLOB dyn_buffer,
+ uint32_t min_offset,
+ uint32_t buffer_offset,
+ uint32_t buffer_length,
+ uint32_t max_length,
+ uint32_t *next_offset,
+ DATA_BLOB *buffer)
+{
+ uint32_t offset;
+ bool oob;
+
+ *buffer = data_blob_null;
+ *next_offset = dyn_offset;
+
+ if (buffer_offset == 0) {
+ /*
+ * If the offset is 0, we better ignore
+ * the buffer_length field.
+ */
+ return NT_STATUS_OK;
+ }
+
+ if (buffer_length == 0) {
+ /*
+ * If the length is 0, we better ignore
+ * the buffer_offset field.
+ */
+ return NT_STATUS_OK;
+ }
+
+ if ((buffer_offset % 8) != 0) {
+ /*
+ * The offset needs to be 8 byte aligned.
+ */
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+
+ /*
+ * We used to enforce buffer_offset to be
+ * an exact match of the expected minimum,
+ * but the NetApp Ontap 7.3.7 SMB server
+ * gets the padding wrong and aligns the
+ * input_buffer_offset by a value of 8.
+ *
+ * So we just enforce that the offset is
+ * not lower than the expected value.
+ */
+ SMB_ASSERT(min_offset >= dyn_offset);
+ if (buffer_offset < min_offset) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+
+ /*
+ * Make [input|output]_buffer_offset relative to "dyn_buffer"
+ */
+ offset = buffer_offset - dyn_offset;
+ oob = smb_buffer_oob(dyn_buffer.length, offset, buffer_length);
+ if (oob) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+
+ /*
+ * Give the caller a hint what we consumed,
+ * the caller may need to add possible padding.
+ */
+ *next_offset = buffer_offset + buffer_length;
+
+ if (max_length == 0) {
+ /*
+ * If max_input_length is 0 we ignore the
+ * input_buffer_length, because Windows 2008 echos the
+ * DCERPC request from the requested input_buffer to
+ * the response input_buffer.
+ *
+ * We just use the same logic also for max_output_length...
+ */
+ buffer_length = 0;
+ }
+
+ if (buffer_length > max_length) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+
+ *buffer = (DATA_BLOB) {
+ .data = dyn_buffer.data + offset,
+ .length = buffer_length,
+ };
+ return NT_STATUS_OK;
+}
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 2afc7165cd9..4452cd808ea 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -390,6 +390,15 @@ void smb2cli_conn_set_cc_max_chunks(struct smbXcli_conn *conn,
void smb2cli_conn_set_mid(struct smbXcli_conn *conn, uint64_t mid);
uint64_t smb2cli_conn_get_mid(struct smbXcli_conn *conn);
+NTSTATUS smb2cli_parse_dyn_buffer(uint32_t dyn_offset,
+ const DATA_BLOB dyn_buffer,
+ uint32_t min_offset,
+ uint32_t buffer_offset,
+ uint32_t buffer_length,
+ uint32_t max_length,
+ uint32_t *next_offset,
+ DATA_BLOB *buffer);
+
struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbXcli_conn *conn,
diff --git a/libcli/smb/smb_constants.h b/libcli/smb/smb_constants.h
index d2345f094e1..af8e7204013 100644
--- a/libcli/smb/smb_constants.h
+++ b/libcli/smb/smb_constants.h
@@ -591,6 +591,8 @@ enum csc_policy {
(FSCTL_SMBTORTURE | FSCTL_ACCESS_WRITE | 0x0000 | FSCTL_METHOD_NEITHER)
#define FSCTL_SMBTORTURE_IOCTL_RESPONSE_BODY_PADDING8 \
(FSCTL_SMBTORTURE | FSCTL_ACCESS_WRITE | 0x0010 | FSCTL_METHOD_NEITHER)
+#define FSCTL_SMBTORTURE_GLOBAL_READ_RESPONSE_BODY_PADDING8 \
+ (FSCTL_SMBTORTURE | FSCTL_ACCESS_WRITE | 0x0020 | FSCTL_METHOD_NEITHER)
/*
* A few values from [MS-FSCC] 2.1.2.1 Reparse Tags
diff --git a/selftest/knownfail b/selftest/knownfail
index 4fe503f4cc1..dab0e64c10b 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -144,6 +144,7 @@
^samba4.raw.acls.*.create_owner_file
^samba4.smb2.create.*.acldir
^samba4.smb2.create.*.impersonation
+^samba4.smb2.create.quota-fake-file\(ad_dc_ntvfs\) # not supported by the NTVFS
^samba4.smb2.acls.*.generic
^samba4.smb2.acls.*.inheritflags
^samba4.smb2.acls.*.owner
diff --git a/source3/lib/dbwrap/dbwrap_open.c b/source3/lib/dbwrap/dbwrap_open.c
index e67341607a4..2c6ce3b7104 100644
--- a/source3/lib/dbwrap/dbwrap_open.c
+++ b/source3/lib/dbwrap/dbwrap_open.c
@@ -149,6 +149,10 @@ struct db_context *db_open(TALLOC_CTX *mem_ctx,
* to be initialized.
*/
msg_ctx = global_messaging_context();
+ if (msg_ctx == NULL) {
+ DBG_ERR("Failed to initialize messaging\n");
+ return NULL;
+ }
conn = messaging_ctdb_connection();
if (conn == NULL) {
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index 3cc52cc5ac9..2a2509870e3 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -50,6 +50,7 @@ NTSTATUS cli_cm_force_encryption_creds(struct cli_state *c,
uint16_t major, minor;
uint32_t caplow, caphigh;
NTSTATUS status;
+ bool temp_ipc = false;
if (smbXcli_conn_protocol(c->conn) >= PROTOCOL_SMB2_02) {
status = smb2cli_session_encryption_on(c->smb2.session);
@@ -72,12 +73,26 @@ NTSTATUS cli_cm_force_encryption_creds(struct cli_state *c,
return NT_STATUS_NOT_SUPPORTED;
}
+ if (c->smb1.tcon == NULL) {
+ status = cli_tree_connect_creds(c, "IPC$", "IPC", creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("Encryption required and "
+ "can't connect to IPC$ to check "
+ "UNIX CIFS extensions.\n");
+ return NT_STATUS_UNKNOWN_REVISION;
+ }
+ temp_ipc = true;
+ }
+
status = cli_unix_extensions_version(c, &major, &minor, &caplow,
&caphigh);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Encryption required and "
"can't get UNIX CIFS extensions "
"version from server.\n");
+ if (temp_ipc) {
+ cli_tdis(c);
+ }
return NT_STATUS_UNKNOWN_REVISION;
}
@@ -85,6 +100,9 @@ NTSTATUS cli_cm_force_encryption_creds(struct cli_state *c,
d_printf("Encryption required and "
"share %s doesn't support "
"encryption.\n", sharename);
+ if (temp_ipc) {
+ cli_tdis(c);
+ }
return NT_STATUS_UNSUPPORTED_COMPRESSION;
}
@@ -93,9 +111,15 @@ NTSTATUS cli_cm_force_encryption_creds(struct cli_state *c,
--
Samba Shared Repository
More information about the samba-cvs
mailing list